slides

A collection of slides.

2024

• Simple bug but not easy exploit: Rooting Android devices in one shot
  • Conference: Cansecwest 2024
  • Almost same with (POC 2023), except for MTE

2023

• Simple bug but not easy exploit: Rooting Android devices in one shot

  • Conference: POC 2023
  • The vendor's specific migitatioin bypass has been removed. Sorry.

• GPU Accelerated Android rooting

  • Conference: MOSEC 2023

• Make KSMA Great Again: The Art of Rooting Android devices by GPU MMU features

  • Conference: BlackHat USA 2023

• Two bugs with one PoC: Rooting Pixel 6 from Android 12 to Android 13

  • Conference: BlackHat Aisa 2023

• Two bugs with one PoC: Rooting Pixel 6 from Android 12 to Android 13

  • Conference: Cansecwest 2023
  • Same with (BlackHat Aisa 2023)

2022

• Ret2page: The Art of Exploiting Use-After-Free Vulnerabilities in the Dedicated Cache

  • Conference: BlackHat USA 2022

• A bug collision tale: Building universal Android 11 rooting solution with a UAF vulnerability

  • Conference: Zer0con 2022

2020

• Recovering the Attack: 1-Click Universal Remote Rooting from Chrome Sandbox
  • Conference: POC x Zer0con 2020

2019

• Thinking outside the JIT Compiler: Understanding and bypassing StructureID Randomization with generic and old-school methods

  • Conference: BlackHat Europe 2019

• From Zero to Root: Building Universal Android Rooting with a Type Confusion Vulnerability

  • Conference: Zer0con 2019

2018

• KSMA: Breaking Android kernel isolation and Rooting with ARM MMU features

  • Conference: BlackHat Aisa 2018

• Rooting Android 8 with a Kernel Space Mirroring Attack

  • Conference: HITB Amsterdam 2018